Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-27 09:59:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackware-current/README.initrd
Patrick J Volkerding df07d8b7cd Wed Mar 27 20:37:56 UTC 2019 
a/kernel-generic-4.19.32-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.32-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.32-x86_64-1.txz:  Upgraded.
ap/hplip-3.19.3-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.32-x86-1.txz:  Upgraded.
d/python3-3.7.3-x86_64-1.txz:  Upgraded.
  Fixed bugs and the following security issues:
  bpo-36216: Changes urlsplit() to raise ValueError when the URL contains
  characters that decompose under IDNA encoding (NFKC-normalization) into
  characters that affect how the URL is parsed.
  bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The
  cert parser did not handle CRL distribution points with empty DP or URI
  correctly. A malicious or buggy certificate can result into segfault.
  Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet
  of Cisco.
  bpo-35121: Don't send cookies of domain A without Domain attribute to
  domain B when domain A is a suffix match of domain B while using a
  cookiejar with http.cookiejar.DefaultCookiePolicy policy.
  Patch by Karthikeyan Singaravelan.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
  (* Security fix *)
d/scons-3.0.5-x86_64-1.txz:  Upgraded.
k/kernel-source-4.19.32-noarch-1.txz:  Upgraded.
n/curl-7.64.1-x86_64-1.txz:  Upgraded.
n/gnutls-3.6.7-x86_64-1.txz:  Upgraded.
  Fixes security issues:
  libgnutls, gnutls tools: Every gnutls_free() will automatically set
  the free'd pointer to NULL. This prevents possible use-after-free and
  double free issues. Use-after-free will be turned into NULL dereference.
  The counter-measure does not extend to applications using gnutls_free().
  libgnutls: Fixed a memory corruption (double free) vulnerability in the
  certificate verification API. Reported by Tavis Ormandy; addressed with
  the change above. [GNUTLS-SA-2019-03-27, #694]
  libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async
  messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
  libgnutls: enforce key usage limitations on certificates more actively.
  Previously we would enforce it for TLS1.2 protocol, now we enforce it
  even when TLS1.3 is negotiated, or on client certificates as well. When
  an inappropriate for TLS1.3 certificate is seen on the credentials
  structure GnuTLS will disable TLS1.3 support for that session (#690).
  libgnutls: enforce the equality of the two signature parameters fields
  in a certificate. We were already enforcing the signature algorithm,
  but there was a bug in parameter checking code.
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-03-28 08:59:45 +01:00

99 lines
3.5 KiB
Text
Raw Permalink Blame History

Slackware initrd mini HOWTO
by Patrick Volkerding, volkerdi@slackware.com
Wed Mar 27 20:14:05 UTC 2019
This document describes how to create and install an initrd, which may be
required to use the 4.x kernel. Also see "man mkinitrd".
1. What is an initrd?
2. Why to I need an initrd?
3. How do I build the initrd?
4. Now that I've built an initrd, how do I use it?
1. What is an initrd?
Initrd stands for "initial ramdisk". An initial ramdisk is a very small
Linux filesystem that is loaded into RAM and mounted as the kernel boots,
and before the main root filesystem is mounted.
2. Why do I need an initrd?
The usual reason to use an initrd is because you need to load kernel
modules before mounting the root partition. Usually these modules are
required to support the filesystem used by the root partition (ext3, ext4,
btrfs, xfs), or perhaps the controller that the hard drive is attached
to (SCSI, RAID, etc). Essentially, there are so many different options
available in modern Linux kernels that it isn't practical to try to ship
many different kernels to try to cover everyone's needs. It's a lot more
flexible to ship a generic kernel and a set of kernel modules for it.
3. How do I build the initrd?
The easiest way to make the initrd is to use the mkinitrd script included
in Slackware's mkinitrd package. We'll walk through the process of
upgrading to the generic 4.19.32 Linux kernel using the packages
found in Slackware's slackware/a/ directory.
First, make sure the kernel, kernel modules, and mkinitrd package are
installed (the current version numbers might be a little different, so
this is just an example):
installpkg kernel-generic-4.19.32-x86_64-1.txz
installpkg kernel-modules-4.19.32-x86_64-1.txz
installpkg mkinitrd-1.4.11-x86_64-12.txz
Change into the /boot directory:
cd /boot
Now you'll want to run "mkinitrd". I'm using ext4 for my root filesystem,
and since the disk controller requires no special support the ext4 module
will be the only one I need to load:
mkinitrd -c -k 4.19.32 -m ext4
This should do two things. First, it will create a directory
/boot/initrd-tree containing the initrd's filesystem. Then it will
create an initrd (/boot/initrd.gz) from this tree. If you wanted to,
you could make some additional changes in /boot/initrd-tree/ and
then run mkinitrd again without options to rebuild the image. That's
optional, though, and only advanced users will need to think about that.
Here's another example: Build an initrd image using Linux 4.19.32
kernel modules for a system with an ext4 root partition on /dev/sdb3:
mkinitrd -c -k 4.19.32 -m ext4 -f ext4 -r /dev/sdb3
4. Now that I've built an initrd, how do I use it?
Now that you've got an initrd (/boot/initrd.gz), you'll want to load
it along with the kernel at boot time. If you use LILO for your boot
loader you'll need to edit /etc/lilo.conf and add a line to load the
initrd. Here's an example section of lilo.conf showing how this is
done:
# Linux bootable partition config begins
image = /boot/vmlinuz-generic
initrd = /boot/initrd.gz
root = /dev/sda6
label = Slackware
read-only
# Linux bootable partition config ends
The initrd is loaded by the "initrd = /boot/initrd.gz" line.
Just add the line right below the line for the kernel image you use.
Save the file, and then run LILO again ('lilo' at the command line).
You'll need to run lilo every time you edit lilo.conf or rebuild the
initrd.
Other bootloaders such as syslinux also support the use of an initrd.
See the documentation for those programs for details on using an
initrd with them.
---------
Have fun!
Reference in a new issue View git blame Copy permalink